agent-sh 0.5.0 → 0.6.0

package/dist/index.js

@@ -11,6 +11,7 @@ import shellRecall from "./extensions/shell-recall.js";
 import commandSuggest from "./extensions/command-suggest.js";
 import { loadExtensions } from "./extension-loader.js";
 import { getSettings } from "./settings.js";
+import { discoverSkills } from "./agent/skills.js";
 /**
  * Capture the user's full shell environment.
  * This picks up env vars exported in .zshrc/.bashrc that the
@@ -129,8 +130,7 @@ Examples:
 
 Inside the shell:
   Type normally        Commands run in your real shell
-  > <query>           Ask the AI agent a question (execute mode)
-  ? <command>         Have the agent run a command in your shell (help mode)
+  > <query>           Ask the AI agent (it decides how to help)
   > /help             Show available slash commands
   Ctrl-C              Cancel agent response (or signal shell as usual)
 `);
@@ -210,40 +210,18 @@ async function main() {
     if (process.env.DEBUG) {
         console.error('[agent-sh] Shell created');
     }
-    // ── Input modes ──────────────────────────────────────────────
+    // ── Input mode ───────────────────────────────────────────────
     bus.emit("input-mode:register", {
-        id: "execute",
+        id: "agent",
         trigger: ">",
-        label: "execute",
+        label: "agent",
         promptIcon: "❯",
         indicator: "●",
         onSubmit(query, b) {
-            b.emit("agent:submit", { query, modeLabel: "Execute", modeInstruction: "[mode: execute]" });
+            b.emit("agent:submit", { query });
         },
         returnToSelf: true,
     });
-    bus.emit("input-mode:register", {
-        id: "help",
-        trigger: "?",
-        label: "help",
-        promptIcon: "❯",
-        indicator: "❓",
-        onSubmit(query, b) {
-            const onToolDone = (e) => {
-                if (e.kind === "execute") {
-                    b.emit("agent:cancel-request", { silent: true });
-                }
-            };
-            const cleanup = () => {
-                b.off("agent:tool-completed", onToolDone);
-                b.off("agent:processing-done", cleanup);
-            };
-            b.on("agent:tool-completed", onToolDone);
-            b.on("agent:processing-done", cleanup);
-            b.emit("agent:submit", { query, modeLabel: "Help", modeInstruction: "[mode: help]" });
-        },
-        returnToSelf: false,
-    });
     // ── Extensions ────────────────────────────────────────────────
     if (process.env.DEBUG) {
         console.error('[agent-sh] Setting up extensions...');
@@ -259,8 +237,9 @@ async function main() {
         console.error('[agent-sh] Loading extensions...');
     }
     const loadExtensionsTimeoutMs = 10000;
+    let loadedExtensions = [];
     await Promise.race([
-        loadExtensions(extCtx, config.extensions),
+        loadExtensions(extCtx, config.extensions).then((names) => { loadedExtensions = names; }),
         new Promise((_, reject) => setTimeout(() => reject(new Error(`Extension loading timeout after ${loadExtensionsTimeoutMs}ms`)), loadExtensionsTimeoutMs)),
     ]).catch((err) => {
         console.error(`Warning: ${err.message}`);
@@ -268,6 +247,8 @@ async function main() {
     if (process.env.DEBUG) {
         console.error('[agent-sh] Extensions loaded');
     }
+    // ── Discover skills ───────────────────────────────────────────
+    const skills = discoverSkills(process.cwd());
     // ── Activate agent backend ────────────────────────────────────
     // Extensions had their chance to register via agent:register-backend.
     // If none did, the built-in AgentLoop gets wired to bus events.
@@ -275,15 +256,39 @@ async function main() {
     // ── Startup banner ───────────────────────────────────────────
     const settings = getSettings();
     if (settings.startupBanner !== false) {
-        const title = core.llmClient
-            ? `${p.accent}${p.bold}agent-sh${p.reset}${p.dim} · ${core.llmClient.model}${p.reset}`
-            : `${p.accent}${p.bold}agent-sh${p.reset}`;
-        const hint = `${p.muted}Type ${p.warning}>${p.muted} to ask AI · ${p.warning}?${p.muted} to run in shell · ${p.warning}/help${p.muted} for commands${p.reset}`;
         const termW = process.stdout.columns || 80;
-        const borderLine = `${p.muted}${"─".repeat(Math.min(termW, 60))}${p.reset}`;
+        const bannerW = Math.min(termW, 60);
+        const productName = `${p.accent}${p.bold}agent-sh${p.reset}`;
+        const info = agentInfo;
+        const backendName = info?.name ?? "agent-sh";
+        const model = info?.model ?? core.llmClient?.model;
+        const provider = info?.provider;
+        const modelValue = model
+            ? provider ? `${model} [${provider}]` : model
+            : null;
+        let sections = "";
+        sections += `\n\n  ${p.muted}Backend:${p.reset} ${p.dim}${backendName}${p.reset}`;
+        if (modelValue) {
+            sections += `\n  ${p.muted}Model:${p.reset} ${p.dim}${modelValue}${p.reset}`;
+        }
+        if (loadedExtensions.length > 0) {
+            sections += `\n\n  ${p.muted}Extensions:${p.reset}`;
+            for (const name of loadedExtensions) {
+                sections += `\n    ${p.dim}${name}${p.reset}`;
+            }
+        }
+        if (skills.length > 0) {
+            sections += `\n\n  ${p.muted}Skills:${p.reset}`;
+            for (const s of skills) {
+                sections += `\n    ${p.dim}${s.name}${p.reset}`;
+            }
+        }
+        const hint = `${p.muted}Type ${p.warning}>${p.muted} to ask AI · ${p.warning}>/help${p.muted} for commands${p.reset}`;
+        const borderLine = `${p.muted}${"─".repeat(bannerW)}${p.reset}`;
         process.stdout.write("\n" + borderLine + "\n" +
-            "  " + title + "\n" +
-            "  " + hint + "\n" +
+            "  " + productName +
+            sections + "\n" +
+            "\n  " + hint + "\n" +
             borderLine + "\n\n");
     }
     // ── Terminal lifecycle ────────────────────────────────────────

package/dist/input-handler.js

@@ -509,7 +509,8 @@ export class InputHandler {
                         }
                         this.editor.buffer = this.history[this.historyIndex];
                         this.editor.cursor = this.editor.buffer.length;
-                        this.renderModeInput();
+                        this.clearAutocompleteLines();
+                        this.writeModePromptLine();
                     }
                     break;
                 case "arrow-down":
@@ -532,7 +533,8 @@ export class InputHandler {
                             this.editor.buffer = this.savedBuffer;
                         }
                         this.editor.cursor = this.editor.buffer.length;
-                        this.renderModeInput();
+                        this.clearAutocompleteLines();
+                        this.writeModePromptLine();
                     }
                     break;
             }

package/dist/settings.js

@@ -22,7 +22,7 @@ const DEFAULTS = {
     shellTailLines: 5,
     recallExpandMaxLines: 100,
     maxCommandOutputLines: 3,
-    readOutputMaxLines: 0,
+    readOutputMaxLines: 10,
     diffMaxLines: 20,
     skillPaths: [],
     startupBanner: true,

package/dist/shell.js

@@ -274,7 +274,7 @@ export class Shell {
                 const handler = (e) => {
                     clearTimeout(timeout);
                     this.bus.off("shell:command-done", handler);
-                    resolve({ output: e.output, cwd: e.cwd });
+                    resolve({ output: e.output, cwd: e.cwd, exitCode: e.exitCode });
                 };
                 this.bus.on("shell:command-done", handler);
                 this.outputParser.onCommandEntered(payload.command, this.outputParser.getCwd());
@@ -283,7 +283,7 @@ export class Shell {
             this.paused = true;
             this.echoSkip = false;
             this.bus.emit("shell:agent-exec-done", {});
-            return { ...payload, output: output.output, cwd: output.cwd, done: true };
+            return { ...payload, output: output.output, cwd: output.cwd, exitCode: output.exitCode, done: true };
         });
     }
     // ── Public API (used by index.ts) ──

package/dist/utils/diff.js

@@ -39,6 +39,16 @@ export function computeDiff(oldText, newText) {
     // Build LCS table and backtrack to produce diff lines
     const a = oldText.split("\n");
     const b = newText.split("\n");
+    // Bail out if LCS table would be too large (avoids OOM / hang)
+    if (a.length * b.length > 10_000_000) {
+        return {
+            hunks: [],
+            added: b.length,
+            removed: a.length,
+            isIdentical: false,
+            isNewFile: false,
+        };
+    }
     const dp = buildLcs(a, b);
     const raw = backtrack(dp, a, b);
     let added = 0;

package/dist/utils/markdown.d.ts

@@ -15,6 +15,7 @@ export declare class MarkdownRenderer {
     private buffer;
     private contentWidth;
     private firstLine;
+    private lastLineBlank;
     private pendingLines;
     private width;
     private tableRows;

package/dist/utils/markdown.js

@@ -83,6 +83,7 @@ export class MarkdownRenderer {
     buffer = "";
     contentWidth;
     firstLine = true;
+    lastLineBlank = false;
     pendingLines = [];
     width;
     tableRows = [];
@@ -192,6 +193,9 @@ export class MarkdownRenderer {
         }
         // Render rows
         const hasHeader = sepIdx.includes(1) && dataRows.length > 1;
+        // Top border
+        const topBorder = colWidths.map((w) => "─".repeat(w)).join(`─┬─`);
+        this.writeLine(`${p.dim}┌─${topBorder}─┐${p.reset}`);
         for (let i = 0; i < dataRows.length; i++) {
             const row = dataRows[i];
             const isHeader = hasHeader && i === 0;
@@ -207,6 +211,9 @@ export class MarkdownRenderer {
                 this.writeLine(`${p.dim}├─${sep}─┤${p.reset}`);
             }
         }
+        // Bottom border
+        const bottomBorder = colWidths.map((w) => "─".repeat(w)).join(`─┴─`);
+        this.writeLine(`${p.dim}└─${bottomBorder}─┘${p.reset}`);
     }
     renderLine(line) {
         if (line.trim() === "")
@@ -232,6 +239,16 @@ export class MarkdownRenderer {
         const bq = line.match(/^>\s?(.*)/);
         if (bq)
             return `${p.muted}│${p.reset} ${p.dim}${p.italic}${this.renderInline(bq[1] || "")}${p.reset}`;
+        // Task list (checkbox items) — must come before generic unordered list
+        const task = line.match(/^(\s*)[*\-+]\s+\[([ xX])\]\s+(.*)/);
+        if (task) {
+            const indent = task[1] || "";
+            const checked = task[2] !== " ";
+            const box = checked
+                ? `${p.success}☑${p.reset}`
+                : `${p.dim}☐${p.reset}`;
+            return `${indent}  ${box} ${this.renderInline(task[3] || "")}`;
+        }
         // Unordered list
         const ul = line.match(/^(\s*)[*\-+]\s+(.*)/);
         if (ul) {
@@ -268,9 +285,14 @@ export class MarkdownRenderer {
      * The line is accumulated internally — call drainLines() to extract.
      */
     writeLine(text) {
-        if (this.firstLine && visibleLen(text) === 0)
+        const isBlank = visibleLen(text) === 0;
+        if (this.firstLine && isBlank)
+            return;
+        // Collapse consecutive blank lines to a single one
+        if (isBlank && this.lastLineBlank)
             return;
         this.firstLine = false;
+        this.lastLineBlank = isBlank;
         this.pendingLines.push(`  ${text}`);
     }
 }

package/dist/utils/tool-display.d.ts

@@ -6,6 +6,8 @@ export interface ToolCallRender {
     command?: string;
     /** Tool kind from ACP (read, edit, execute, search, etc.). */
     kind?: string;
+    /** Custom icon character — when set, tool name is omitted (icon implies tool). */
+    icon?: string;
     /** File locations affected by the tool call. */
     locations?: {
         path: string;
@@ -13,6 +15,8 @@ export interface ToolCallRender {
     }[];
     /** Raw input parameters sent to the tool. */
     rawInput?: unknown;
+    /** Pre-formatted display detail from tool's formatCall(). Takes precedence over rawInput extraction. */
+    displayDetail?: string;
 }
 export interface ToolResultRender {
     exitCode: number | null;

package/dist/utils/tool-display.js

@@ -39,6 +39,7 @@ const KIND_ICONS = {
     move: "↗",
     search: "⌕",
     execute: "▶",
+    display: "◇",
     think: "◇",
     fetch: "↓",
     switch_mode: "⇄",
@@ -49,7 +50,10 @@ function kindIcon(kind) {
 // ── Tool call rendering ──────────────────────────────────────────
 export function renderToolCall(tool, width) {
     const mode = selectToolDisplayMode(width);
-    const icon = kindIcon(tool.kind);
+    const icon = tool.icon ?? kindIcon(tool.kind);
+    // If the tool registered a custom icon, it's self-describing — omit the name.
+    // Otherwise, include the tool name so the user knows what ran.
+    const hasCustomIcon = !!tool.icon;
     if (mode === "summary") {
         const text = truncateVisible(`${icon} ${tool.title}`, width);
         return [`${p.warning}${text}${p.reset}`];
@@ -58,7 +62,10 @@ export function renderToolCall(tool, width) {
     // Build a compact detail string to append after the title
     let detail = "";
     const cwd = process.cwd();
-    if (mode === "full") {
+    if (mode === "full" && tool.displayDetail) {
+        detail = tool.displayDetail;
+    }
+    else if (mode === "full") {
         if (tool.command) {
             detail = `$ ${tool.command}`;
         }
@@ -97,14 +104,24 @@ export function renderToolCall(tool, width) {
             }
         }
     }
-    // Render as single line: icon + detail (icon implies the tool type)
-    // Falls back to icon + title when no detail is available
+    // Render as single line: icon + kind + detail
     const maxDetailW = Math.max(1, width - 4);
-    if (detail) {
+    if (detail && hasCustomIcon && tool.kind) {
+        const combined = `${tool.kind} ${detail}`;
+        const truncated = combined.length > maxDetailW ? combined.slice(0, maxDetailW - 1) + "…" : combined;
+        lines.push(`${p.warning}${icon}${p.reset} ${p.dim}${truncated}${p.reset}`);
+    }
+    else if (detail && hasCustomIcon) {
         if (detail.length > maxDetailW)
             detail = detail.slice(0, maxDetailW - 1) + "…";
         lines.push(`${p.warning}${icon}${p.reset} ${p.dim}${detail}${p.reset}`);
     }
+    else if (detail) {
+        const prefix = `${tool.title}: `;
+        const combined = prefix + detail;
+        const truncated = combined.length > maxDetailW ? combined.slice(0, maxDetailW - 1) + "…" : combined;
+        lines.push(`${p.warning}${icon}${p.reset} ${p.dim}${truncated}${p.reset}`);
+    }
     else {
         lines.push(`${p.warning}${icon} ${tool.title}${p.reset}`);
     }

package/examples/extensions/claude-code-bridge/index.ts

@@ -30,8 +30,8 @@ function createUserShellTool(bus: EventBus) {
 
   return tool(
     "user_shell",
-    "Run a command in the user's live shell (visible in terminal). " +
-    "Use for cd, export, source, or commands the user wants to see. " +
+    "Run a command with lasting effects in the user's live shell (cd, export, " +
+    "install packages, start servers) or show output the user wants to see. " +
     "Set return_output=true only if you need to inspect the result.",
     {
       command: z.string().describe("Command to execute in user's shell"),
@@ -71,12 +71,8 @@ export default function activate(ctx: ExtensionContext): void {
   const listeners: Array<{ event: string; fn: Function }> = [];
 
   const wireListeners = () => {
-    const onSubmit = async ({ query: userQuery, modeInstruction, modeLabel }: any) => {
-      const prompt = modeInstruction
-        ? `${modeInstruction}\n${userQuery}`
-        : userQuery;
-
-      bus.emit("agent:query", { query: userQuery, modeLabel });
+    const onSubmit = async ({ query: userQuery }: any) => {
+      bus.emit("agent:query", { query: userQuery });
       bus.emit("agent:processing-start", {});
 
       let fullResponseText = "";
@@ -84,7 +80,7 @@ export default function activate(ctx: ExtensionContext): void {
 
       try {
         activeQuery = query({
-          prompt,
+          prompt: userQuery,
           options: {
             cwd: process.cwd(),
             systemPrompt: {
@@ -92,9 +88,9 @@ export default function activate(ctx: ExtensionContext): void {
               preset: "claude_code",
               append:
                 "You are running inside agent-sh, a terminal wrapper.\n" +
-                "EXECUTE mode ('>'): Use your standard tools. Do NOT use user_shell.\n" +
-                "HELP mode ('?'): Run the command via mcp__agent-sh__user_shell. Just run it, no explanation.\n" +
-                "Each prompt includes a per-query mode instruction — follow it.",
+                "Use your standard tools (Read, Edit, Write, Bash, Glob, Grep) for investigation.\n" +
+                "Use mcp__agent-sh__user_shell to run commands in the user's live shell when they ask to see output or need lasting effects (cd, install, start servers).\n" +
+                "Default to standard tools. Use user_shell when the user is the intended audience for the output or the command has real effects.",
             },
             mcpServers: { "agent-sh": shellServer },
             allowedTools: [

package/examples/extensions/pi-bridge/index.ts

@@ -48,17 +48,16 @@ function createUserShellToolDef(bus: EventBus) {
     name: "user_shell",
     label: "user_shell",
     description:
-      "Run a command in the user's live shell (visible in terminal). " +
-      "Use for cd, export, source, or commands the user wants to see. " +
+      "Run a command with lasting effects in the user's live shell (cd, export, " +
+      "install packages, start servers) or show output the user wants to see. " +
       "Output is shown directly to the user. Set return_output=true only " +
       "if you need to inspect the result.",
-    promptSnippet: "Execute commands in the user's live terminal (PTY). Use in HELP mode.",
+    promptSnippet: "Execute commands in the user's live terminal (PTY).",
     promptGuidelines: [
-      "You are running inside agent-sh, a terminal wrapper with two interaction modes.",
-      "EXECUTE mode (triggered by '>'): Use your standard tools (bash, file ops). Do NOT use user_shell.",
-      "HELP mode (triggered by '?'): Run the command via user_shell. Do not explain or confirm — just run it.",
-      "Each prompt includes a per-query mode instruction — follow it.",
-      "user_shell executes in the user's actual shell (their aliases, env vars, cwd). Use bash for background work.",
+      "You are running inside agent-sh, a terminal wrapper.",
+      "Use your standard tools (bash, file ops) for investigation — output goes to you, not the user.",
+      "Use user_shell to run commands in the user's live shell when they ask to see output or need lasting effects (cd, install, start servers).",
+      "Default to standard tools. Use user_shell when the user is the intended audience for the output or the command has real effects.",
     ],
     parameters: schema,
 
@@ -203,7 +202,7 @@ export default function activate(ctx: ExtensionContext): void {
   const listeners: Array<{ event: string; fn: Function }> = [];
 
   const wireListeners = () => {
-    const onSubmit = async ({ query, modeInstruction, modeLabel }: any) => {
+    const onSubmit = async ({ query }: any) => {
       if (!session) {
         bus.emit("agent:error", {
           message: booting ? "pi is still starting up..." : "pi session not initialized",
@@ -212,12 +211,11 @@ export default function activate(ctx: ExtensionContext): void {
         return;
       }
 
-      const prompt = modeInstruction ? `${modeInstruction}\n${query}` : query;
-      bus.emit("agent:query", { query, modeLabel });
+      bus.emit("agent:query", { query });
       bus.emit("agent:processing-start", {});
 
       try {
-        await session.prompt(prompt);
+        await session.prompt(query);
       } catch (err) {
         bus.emit("agent:error", {
           message: err instanceof Error ? err.message : String(err),

package/examples/extensions/secret-guard.ts

@@ -0,0 +1,100 @@
+/**
+ * Secret guard extension.
+ *
+ * Redacts sensitive patterns (API keys, tokens, passwords) from tool output
+ * — both the streamed terminal display and the content sent back to the LLM.
+ *
+ * Usage:
+ *   agent-sh -e ./examples/extensions/secret-guard.ts
+ *
+ *   # Or install permanently:
+ *   cp examples/extensions/secret-guard.ts ~/.agent-sh/extensions/
+ *
+ * Configuration (~/.agent-sh/settings.json):
+ *   {
+ *     "secret-guard": {
+ *       "extraPatterns": ["CUSTOM_\\w+=\\S+"],
+ *       "redactText": "***REDACTED***"
+ *     }
+ *   }
+ */
+import type { ExtensionContext } from "agent-sh/types";
+
+// Common secret patterns — each matches key=value or key: value formats
+const DEFAULT_PATTERNS = [
+  // API keys and tokens (generic)
+  /(?:api[_-]?key|api[_-]?secret|access[_-]?token|auth[_-]?token|secret[_-]?key|private[_-]?key)\s*[=:]\s*\S+/gi,
+  // AWS
+  /(?:AKIA|ASIA)[A-Z0-9]{16}/g,
+  /(?:aws_secret_access_key|aws_session_token)\s*[=:]\s*\S+/gi,
+  // Bearer tokens
+  /Bearer\s+[A-Za-z0-9\-._~+/]+=*/g,
+  // GitHub tokens
+  /gh[pousr]_[A-Za-z0-9_]{36,}/g,
+  // Anthropic / OpenAI keys
+  /sk-(?:ant-)?[A-Za-z0-9\-_]{10,}/g,
+  // Generic long hex/base64 secrets (env var assignment)
+  /(?:SECRET|TOKEN|PASSWORD|PASSWD|API_KEY|PRIVATE_KEY)\s*[=:]\s*\S+/gi,
+  // Connection strings with passwords
+  /[a-z+]+:\/\/[^:]+:[^@\s]+@/gi,
+];
+
+export default function activate(ctx: ExtensionContext) {
+  const { bus } = ctx;
+  const config = ctx.getExtensionSettings("secret-guard", {
+    extraPatterns: [] as string[],
+    redactText: "***REDACTED***",
+  });
+
+  const patterns = [
+    ...DEFAULT_PATTERNS,
+    ...config.extraPatterns.map((p: string) => new RegExp(p, "gi")),
+  ];
+
+  function redact(text: string): string {
+    let result = text;
+    for (const pattern of patterns) {
+      // Reset lastIndex for stateful regex (global flag)
+      pattern.lastIndex = 0;
+      result = result.replace(pattern, config.redactText);
+    }
+    return result;
+  }
+
+  // Redact the dynamic context (shell history, cwd, etc.) before it's sent
+  // to the LLM. This is the chokepoint — everything the model sees passes
+  // through dynamic-context:build.
+  ctx.advise("dynamic-context:build", (next) => {
+    return redact(next());
+  });
+
+  // Advise tool:execute to wrap both streaming output and final result.
+  // Chunks from child processes arrive at arbitrary byte boundaries, so a
+  // secret like "sk-ant-abc123" could be split across two chunks.  We
+  // line-buffer: accumulate until we see '\n', redact complete lines, flush.
+  ctx.advise("tool:execute", async (next, toolCtx) => {
+    const origOnChunk = toolCtx.onChunk;
+    if (origOnChunk) {
+      let buf = "";
+      toolCtx.onChunk = (chunk: string) => {
+        buf += chunk;
+        const lastNl = buf.lastIndexOf("\n");
+        if (lastNl !== -1) {
+          // Flush all complete lines, redacted
+          origOnChunk(redact(buf.slice(0, lastNl + 1)));
+          buf = buf.slice(lastNl + 1);
+        }
+      };
+
+      const result = await next(toolCtx);
+
+      // Flush any remaining partial line
+      if (buf) origOnChunk(redact(buf));
+
+      return { ...result, content: redact(result.content) };
+    }
+
+    const result = await next(toolCtx);
+    return { ...result, content: redact(result.content) };
+  });
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-sh",
-  "version": "0.5.0",
+  "version": "0.6.0",
   "description": "A shell-first terminal where AI is one keystroke away",
   "type": "module",
   "main": "dist/core.js",